Quantstamp recently audited Edgeware's lockdrop contract. Edgeware is the first smart contract platform which plans to integrate with Polkadot, a blockchain interoperability platform. Built as a parachain of Polkadot, Edgeware is a WebAssembly (Wasm) runtime, high-performance, self-upgrading smart contract platform with on-chain governance. As an infrastructure project, Edgeware aims to address many of the shortcomings facing blockchain technology, including governance hurdles, developer accessibility, and token distribution challenges.

“At Quantstamp we’re invested in blockchain technology and want to see it succeed,” says Richard Ma, CEO of Quantstamp. “Scalability and interoperability are some of the biggest challenges facing the industry now. By auditing the lockdrop for Edgeware - a scalable smart contract platform built for Polkadot - we aim to help push forward the next generation of blockchain technology and allow it to thrive.”

Built by Commonwealth Labs, Edgeware is the first announced smart contract platform for Polkadot, a promising new blockchain-interoperability platform. Created as a “parachain”, it aims to make it easy to build smart contract-based applications on Polkadot and features a robust on-chain governance model. Participants can vote, delegate, and fund each other to upgrade the network.

Polkadot - Blockchain Interoperability Platform

Polkadot is a blockchain-interoperability platform that aims to address many of the challenges facing blockchains today. Rather than trying to be all things at once, it aims to allow blockchains to communicate with each other, allowing projects to use different blockchains to address different needs. Each blockchain is considered a “parachain” connected to Polkadot’s main relay chain. Polkadot provides scalability, interoperability, and also upgradeability without having to fork - a severe limitation of today’s most popular blockchains.

Edgware’s Lockdrop

Edgeware is using a novel token “lockdrop” distribution method to distribute 90% of tokens. Participants can timelock their ETH for 3 months, 6 months, or one year to receive EDG tokens, and receive their original ETH back.

Quantstamp’s engineers worked over the course of several days to analyze Edgeware’s token lockup contract for potential vulnerabilities to ensure smart contract security and safety of funds. To the extent reviewed, this audit aims to make sure that funds cannot be accessed or stolen from the contracts. This involved auditing to avoid any bugs in the contract code or at the time of execution, which if not addressed, could be exploited by a malicious attacker to access funds from the contract.

“With Edgeware, we’re addressing the challenges facing the blockchain space through using the latest tools and frameworks, as well as new governance and token distribution models,” noted Dillon Chen, founder of Commonwealth Labs. “Tied closely to the governance of our project is our lockdrop token distribution. With on-chain governance and a 90% lockdrop token distribution, the lockdrop is key to the success of our project and we wanted to go with the most trusted name in the business - Quantstamp.”

Get an Audit with Quantstamp

Interested in receiving a Quantstamp audit or other service? The best crypto native companies trust Quantstamp to audit their products including Chainlink, OmiseGO and Binance. Learn more here.

Quantstamp and MythX are very excited to support EthBerlin this year. If you're participating, come find us at the HelpDesk, your one-stop resource for any security-related inquiries. Need suggestions on more secure code implementations or advice on mitigating certain vulnerabilities? The HelpDesk is available round the clock to offer guidance and assistance throughout the hackathon.

Computer scientists say that a procedure is re-entrant if its execution can be interrupted in the middle, initiated over (re-entered), and both runs can complete without any errors in execution. In the context of Ethereum smart contracts, re-entrancy can lead to serious vulnerabilities.